Application programming interface (api) request throttling

ABSTRACT

Disclosed are systems, methods, and non-transitory computer-readable media for application programming interface (API) request throttling. A method includes receiving a current API request having originated from an Internet Protocol (IP) address, determining a counter value of previous API requests that originated from the IP address and resulted in error, determining, based on the counter value of the previous API requests that originated from the IP address and resulted in error, to apply a delay to a processing of the current API request, and a length of the delay to apply to the processing of the current API request, causing the delay to be applied to the processing of the current API request using the determined length, and in response to determining that the delay has completed, causing the processing of the current API request to resume.

RELATED APPLICATIONS

This application is a continuation application of co-pending U.S. patentapplication Ser. No. 17/304,543, filed Jun. 22, 2021, which isincorporated herein by reference.

TECHNICAL FIELD

An embodiment of the present subject matter relates generally toapplication programming interface requests and, more specifically, toapplication programming interface (API) request throttling.

BACKGROUND

APIs are commonly used to enable communication between various computingsystems and/or software. An API defines the kinds of calls or requeststhat can be used to communicate and interact with a given computingsystem, how to initiate the calls or request, the data formats thatshould be used, the conventions to follow, and the like. While APIs areuseful for facilitating communication between computing systems, theycan also be used for nefarious purposes. For example, APIs can be usedto initiate a denial-of-service (DoS) attack in which a computing systemis flooded with API requests to overload the system and disrupt theservice. To protect against a DoS attack, current systems may blockincoming API requests from identified sources of the attack.

In some cases, however, what appears to be a DoS attack may be causedaccidentally by a legitimate source. For example, a legitimate APIrequest that results in an error may cause the source system toretransmit the API request. This sequence may repeat continuously,thereby creating the impression that the source system is initiating aDoS attack. Current methods, such as blocking incoming API requests fromthe source of the API request, may not be suitable in this type ofsituation as the API requests are being transmitted for legitimatepurposes. Accordingly, improvements are needed.

SUMMARY

A request throttling system monitors incoming API requests and appliesdelays to repeated API requests to avoid an overload and/or disruptionin service. Upon receiving an API request from a requesting device, therequest throttling system determines a counter value that is used todetermine whether to apply a delay to API request. The counter valueindicates a number or previous requests received from the requestingdevice that were directed to the same resource and which resulted in anerror. The request throttling system compares the counter value to athreshold value to determine whether to apply a delay to the APIrequest. Applying a delay reduces the speed at which subsequent repeatAPI requests are received from the requesting device, while stillallowing for API requests from the requesting device to be processed.

In some embodiments, the length of the delay applied by the requestthrottling system may be variable based on the counter value. Forexample, the length of the delay applied by the request throttlingsystem may increase as subsequent repetitive API requests are received.In this type of embodiment, the request throttling system uses multiplethreshold value to determine the length of delay to apply to an APIrequest.

BRIEF DESCRIPTION OF THE DRAWINGS

In the drawings, which are not necessarily drawn to scale, like numeralsmay describe similar components in different views. Like numerals havingdifferent letter suffixes may represent different instances of similarcomponents. Some embodiments are illustrated by way of example, and notlimitation, in the figures of the accompanying drawings in which:

FIG. 1 shows a system for API request throttling, according to someexample embodiments.

FIG. 2 is a block diagram of a request throttling system, according tosome example embodiments

FIGS. 3A and 3B show communications within a system providing APIrequest throttling, according to some example embodiments.

FIG. 4 is a flow diagram of a method for API request throttling when acounter value exceeds a threshold value, according to some exampleembodiments.

FIG. 5 is a flow diagram of a method for API request throttling when acounter value does not exceed a threshold value, according to someexample embodiments.

FIG. 6 is a flow diagram of a method for API request throttling usingdelays with varying lengths, according to some example embodiments.

FIG. 7 is a block diagram illustrating components of a machine,according to some example embodiments, able to read instructions from amachine-readable medium (e.g., a machine-readable storage medium) andperform any one or more of the methodologies discussed herein.

FIG. 8 is a block diagram illustrating components of a machine,according to some example embodiments, able to read instructions from amachine-readable medium (e.g., a machine-readable storage medium) andperform any one or more of the methodologies discussed herein.

DETAILED DESCRIPTION

In the following description, for purposes of explanation, variousdetails are set forth in order to provide a thorough understanding ofsome example embodiments. It will be apparent, however, to one skilledin the art, that the present subject matter may be practiced withoutthese specific details, or with slight alterations.

Reference in the specification to “one embodiment” or “an embodiment”means that a particular feature, structure, or characteristic describedin connection with the embodiment is included in at least one embodimentof the present subject matter. Thus, the appearances of the phrase “inone embodiment” or “in an embodiment” appearing in various placesthroughout the specification are not necessarily all referring to thesame embodiment.

For purposes of explanation, specific configurations and details are setforth in order to provide a thorough understanding of the presentsubject matter. However, it will be apparent to one of ordinary skill inthe art that embodiments of the subject matter described may bepracticed without the specific details presented herein, or in variouscombinations, as described herein. Furthermore, well-known features maybe omitted or simplified in order not to obscure the describedembodiments. Various examples may be given throughout this description.These are merely descriptions of specific embodiments. The scope ormeaning of the claims is not limited to the examples given.

Disclosed are systems, methods, and non-transitory computer-readablemedia for API request throttling. A request throttling system appliesdelays to repeated API requests to avoid an overload and/or disruptionin service. Applying a delay to an API request reduces the speed atwhich subsequent repeat API requests are received from the requestingdevice, while still allowing for API requests from the requesting deviceto be processed.

FIG. 1 shows a system 100 for API request throttling, according to someexample embodiments. As shown, multiple devices (i.e., requestingdevices 102 and service provider system 104) are connected to acommunication network 106 and configured to communicate with each otherthrough use of the communication network 106. The communication network106 is any type of network, including a local area network (LAN), suchas an intranet, a wide area network (WAN), such as the internet, atelephone and mobile device network, such as cellular network, or anycombination thereof. Further, the communication network 106 may be apublic network, a private network, or a combination thereof. Thecommunication network 106 is implemented using any number ofcommunication links associated with one or more service providers,including one or more wired communication links, one or more wirelesscommunication links, or any combination thereof. Additionally, thecommunication network 106 is configured to support the transmission ofdata formatted using any number of protocols.

Multiple computing devices can be connected to the communication network106. A computing device is any type of general computing device capableof network communication with other computing devices. For example, acomputing device can be a personal computing device such as a desktop orworkstation, a business server, or a portable computing device, such asa laptop, smart phone, or a tablet personal computer (PC). A computingdevice can include some or all of the features, components, andperipherals of the machine 800 shown in FIG. 8 .

To facilitate communication with other computing devices, a computingdevice includes a communication interface configured to receive acommunication, such as a request, data, and the like, from anothercomputing device in network communication with the computing device andpass the communication along to an appropriate module running on thecomputing device. The communication interface also sends a communicationto another computing device in network communication with the computingdevice.

The service provider system 104 provides any type of service that can beaccessed via the communication network 106. For example, the serviceprovider system 104 may provide an online service, such as a website,communication service, banking service, email service, retail service,travel service, and the like.

Requesting devices 102 may communicate with and utilize thefunctionality of the service provider system 104 through use of an APIprovided by the service provider system 104. The API defines the kindsof calls or requests that can be used to communicate and interact withthe service provider system 104, how to initiate the calls or request,the data formats that should be used, the conventions to follow, and thelike. Accordingly, the requesting devices 102 can use the API totransmit API requests to the service provider system 104.

Although the shown system 100 includes only four requesting devices 102and one service provider system 104, this is only for ease ofexplanation and is not meant to be limiting. One skilled in the artwould appreciate that the system 100 can include any number ofrequesting device 102 and/or service provider system 104. Further, eachservice provider system 104 may concurrently accept communications fromand/or interact with any number of requesting devices 102, and supportconnections from a variety of different types of requesting devices 102,such as servers, desktop computers; mobile computers; mobilecommunications devices, e.g., mobile phones, smart phones, tablets;smart televisions; set-top boxes; and/or any other network enabledcomputing devices. Hence, the requesting devices 102 may be of varyingtype, capabilities, operating systems, and so forth.

API requests transmitted to the service provider system 104 by therequesting devices 102 are directed to various resources of the serviceprovider system 104. For example, the API made available by the serviceprovider system 104 may define the request paths for directing APIrequests to the various resources of the service provider system 104, aswell as the functionality provided by the various resources. Uponreceiving an API request, the service provider system 104 uses therequest path included in the API request to forward API request to theappropriate resource, where it is processed. The resource may generatean API response to be returned to the requesting device 102. Forexample, API response may include a response code indicating whether theAPI request was successful or unsuccessful (e.g., resulted in an error).

A requesting device 102 may be configured to retransmit an API requestthat was unsuccessful (e.g., resulted in an error) until it issuccessfully processed by the service provider system 104. This canbecome problematic if the API request repeatedly fails as it will causethe requesting device 102 to retransmit repeated API requests that mayoverload the resource of the service provider system 104 as is the casewith a DoS attack. Current methods with blocking DoS attacks, such asblocking incoming API requests from the requesting device 102, are notsuitable in this type of situation as the repeated API requests arebeing transmitted for legitimate, rather nefarious, purposes.

To alleviate this issue, the service provider system 104 utilizes arequest throttling system 108 that applies delays to repeated APIrequests to avoid an overload and/or disruption in service. The requestthrottling system 108 determines whether to apply a delay to an APIrequest based on a counter value determined from previous API requestsfrom the requesting device 102 that are directed to the same resourceand resulted in an error. The request throttling system 108 compares thecounter values to a threshold value and determines whether to apply adelay based on the comparison. For example, the request throttlingsystem 108 applies a delay when the counter value meets or exceeds thethreshold value. Alternatively, the request throttling system 108 doesnot apply a delay when the counter value is less than the thresholdvalue. Applying a delay reduces the speed at which subsequent repeatedAPI requests are transmitted by the requesting device 102 while stillallowing for API requests from the requesting device 102 to be processedby the service provider system 104.

FIG. 2 is a block diagram of a request throttling system 108, accordingto some example embodiments. To avoid obscuring the inventive subjectmatter with unnecessary detail, various functional components (e.g.,modules) that are not germane to conveying an understanding of theinventive subject matter have been omitted from FIG. 2 . However, askilled artisan will readily recognize that various additionalfunctional components may be supported by the request throttling system108 to facilitate additional functionality that is not specificallydescribed herein. Furthermore, the various functional modules depictedin FIG. 2 may reside on a single computing device or may be distributedacross several computing devices in various arrangements such as thoseused in cloud-based architectures.

As shown, the request throttling system 108 includes a receivingcomponent 202, a counter value determination component 204, a delaydetermination component 206, a delay implementation component 208, aresponse component 210, and a data storage 212.

The receiving component 202 receives notifications indicating that anAPI request has been received by the service provider system 104. Theservice provider system 104 notifies the request throttling system 108that an API request has been received prior to forwarding the APIrequest to the appropriate resource of the service provider system 104to be processed. The notification may include data associated with thereceived API request, such as data identifying the requesting device 102(e.g., IP address) and data identifying the resource of the serviceprovider system 104 to which the API request is directed (e.g., requestpath). The receiving component 202 provides data received in thenotification to the other components of the request throttling system108 and/or stores the data in the data storage 212, where it may beaccessed by the other components of the request throttling system 108.

The counter value determination component 204 determines a counter valuebased on the received API request. As explained earlier, the requestthrottling system 108 may apply delays to repeated API requests toprevent an overload and/or disruption in service. The counter valueindicates whether the API request is a repeated API request as well asthe number of repeated API request that have been received. A repeatedAPI request is an API request that was transmitted as a result of aprevious API request resulting in an error. The repeated API requesttherefore originates from the same originating device 102 and isdirected to the same resource of the service provider system 104 as theprevious API request that resulted in an error.

The counter value determination component 204 determines the countervalue based on previous messages that originated from the sameoriginating device 102 and were directed to the same resource of theservice provider system 104. For example, the counter valuedetermination component 204 uses data included in the notificationreceived by the receiving component 202 (e.g., IP address and requestpath) to identify a set of previous API messages that originated fromthe same IP address and were directed to the same request path.

The counter value determination component 204 uses the set of previousAPI messages to determine a number of the previous API messages thatwere sequentially received and resulted in a matching error. Forexample, if the most recent of the previous API messages did not resultin an error, the counter value is determined to be 0. Alternatively, ifthe most recent of the previous API messages did result in an error, butthe API message received sequentially prior to it did not result in thesame error, the counter value is determined to be 1. As another example,if the three most recent API messages all resulted in the same error,the counter value is determined to be 3.

The counter value determination component 204 provides the counter valueto the delay determination component 206, which determines whether toapply a delay to the API request. For example, the delay determinationcomponent 206 compares the counter value to a threshold value. If thecounter value meets or exceeds the threshold value, the delaydetermination component 206 determines that a delay should be appliedprior to the API request being processed. Alternatively, if the countervalue does not meet or exceed the threshold value (e.g., is less thanthe threshold value), the delay determination component 206 determinesthat the API request can be processed without applying a delay.

In some embodiments, the threshold value used by the delay determinationcomponent 206 is a universal threshold value. For example, the delaydetermination component 206 may use the same universal threshold valuefor all API requests.

Alternatively, in some embodiments, the threshold value used by thedelay determination component 206 may be based on the API request, suchas being based on the response code (e.g., error), IP address and/orrequest path associated with the API request and/or the previous APIrequests. In this type of embodiment, different threshold values areused rather than a singular threshold value. For example, differentthreshold values may be used for different resources of the serviceprovider system 104, response codes, and/or requesting devices 102.

In this type of embodiment, the delay determination component 206 usesthe data associated with the API request and/or the identified set ofprevious API requests to identify the appropriate threshold value fordetermining whether to apply a delay. For example, the delaydetermination component 206 may use the request path to identify athreshold value associated with a resource of the service providersystem 104. Similarly, the delay determination component 206 may use theIP address to identify the threshold value associated with therequesting device 102 and/or the response code to identify the thresholdvalue associated with the specified error.

In addition to determining whether to apply a delay, the delaydetermination component 206 may also determine the length of the delayto apply. In some embodiments, the request throttling system 108 mayincrease the length of the delay used as subsequent repeated APIrequests are received from a requesting device 102. Using varying delaysprovides for longer delays when an API request is repeatedly failing andresulting in multiple repeated API requests.

In this type of embodiment, the delay determination component 206 uses aset of threshold values rather than a single threshold value. Eachthreshold value in the set of threshold values is associated with adelay length. Each delay length may indicate a time period, such as 10second, 20 seconds, 1 minute, and the like.

The delay determination component 206 compares the counter value to theset of the threshold values to identify the highest threshold value thatis met or exceeded by the counter value. The delay length associatedwith the identified highest threshold value is used when applying adelay in relation to the API request. Alternatively, a delay is notapplied if the counter value does not meet or exceed any of thethreshold values in the set of threshold values.

The delay determination component 206 notifies the delay implementationcomponent 208 when a delay is to be applied to an API request. Forexample, the delay determination component 206 provides the delayimplementation component 208 with the delay length to be applied. Inturn, the delay implementation component 208 implements the requesteddelay. For example, the delay implementation component 208 causes apause based on the delay length associated with the delay. After thedelay has completed (e.g., the length of the delay has elapsed) thedelay implementation component 208 instructs the response component 210to notify the service provider system 104 to process the API request. Asa result, the service provider system 104 forwards the API request tothe corresponding resource to be processed.

Alternatively, if the delay determination component 206 determines thata delay should not be applied to the API request, the delaydetermination component 206 instructs the response component 210 tonotify the service provider system 104 to process the API request. As aresult, the service provider system 104 forwards the API request to thecorresponding resource to be processed without a delay beingimplemented.

FIGS. 3A and 3B show communications within a system 300 providing APIrequest throttling, according to some example embodiments. FIG. 3A showsan example in which a delay is not implemented to an API request 306. Asshown, the requesting device 102 transmits an API request 306 to theservice provider system 104. The API request 306 includes dataidentifying the requesting device 102, such as an originating IPaddress, as well as a request path identifying a resource 304 of theservice provider system 104 to which the API request 306 is directed.The API request 306 is received by the API request management component302.

The API request management component 302 transmits a notification 308 tothe request throttling system 108, which determines whether to apply adelay prior to processing the API request 306. The notification 308includes the originating IP address identifying the requesting device102 and the request path identifying the resource 304. The requestthrottling system 108 uses the originating IP address and request pathto determine 310 that a delay should not be applied. For example, therequest throttling system 108 determines 310 that a counter value forthe API request 306 is less than a threshold value. Accordingly, therequest throttling system 108 notifies the API request managementcomponent 302 to resume 312 processing the API request 306 withouthaving initiated a delay.

The API request management component 302 forwards 314 the API request306 to the appropriate resource 304, where it is processed. The resource304 generates an API response 316 that includes a response codeindicating the result of processing the API request 306. This mayinclude a response code indicating that the API request 306 wassuccessfully processed or resulted in an error. The API response 316 isreturned to the API request management component 302, which in turnforwards the API response 318 to the requesting device 102. The APIrequest management component 302 also updates 320 the request throttlingsystem 108 based on the API response 316. This may include providing therequest throttling system 108 with the response code included in the APIresponse 316.

The request throttling system 108 generates/updates its records based onthe update 320 received from the API request management component 302.The updated records can be subsequently used by the request throttlingsystem 108 in determining whether to apply a delay to an API request306.

FIG. 3B shows an example in which a delay is implemented to an APIrequest 306. As shown, the requesting device 102 transmits an APIrequest 306 to the service provider system 104. The API request 306includes data identifying the requesting device 102, such as anoriginating IP address, as well as a request path identifying a resource304 of the service provider system 104 to which the API request 306 isdirected. The API request 306 is received by the API request managementcomponent 302.

The API request management component 302 transmits a notification 308 tothe request throttling system 108, which determines whether to apply adelay prior to processing the API request 306. The notification 308includes the originating IP address identifying the requesting device102 and the request path identifying the resource 304.

In contrast to the operations shown in FIG. 3A, in FIG. 3B the requestthrottling system 108 determines 322 that a delay should be applied. Forexample, the request throttling system 108 determines 322 that a countervalue for the API request 306 meets or exceeds a threshold value.Accordingly, the request throttling system 108 executes a delay 324.After determining that the delay 324 has completed, the requestthrottling system 108 notifies the API request management component 302to resume 312 processing the API request 306 and the communicationsproceed in a similar manner as described in relation to FIG. 3A. Forexample, the API request management component 302 forwards the APIrequest 306 to the appropriate resource 304, where the API request 306is processed. The resource 304 generates an API response 316 thatincludes a response code indicating the result of processing the APIrequest 306 and transmits the API response 316 to the API requestmanagement component 302. In turn, the API request management component302 forwards the API response 318 to the requesting device 102 andupdates 320 the request throttling system 108 based on the API response316.

FIG. 4 is a flow diagram of a method 400 for API request throttling whena counter value exceeds a threshold value, according to some exampleembodiments. The method 400 may be embodied in computer readableinstructions for execution by one or more computer processors such thatthe operations of the method 400 may be performed in part or in whole bythe request throttling system 108; accordingly, the method 400 isdescribed below by way of example with reference to the requestthrottling system 108. However, it shall be appreciated that at leastsome of the operations of the method 400 may be deployed on variousother hardware and/or software configurations and the method 400 is notintended to be limited to the request throttling system 108.

At operation 402, the service provider system 104 receives an APIrequest from an originating IP address. The API request includes anoriginating IP address that identifies the requesting device 102 thattransmitted the API request, as well as a request path identifying aresource of the service provider system 104 to which the API request isdirected.

At operation 404, the counter value determination component 204determines a counter value based on previous API requests received fromthe originating IP address. As explained earlier, the request throttlingsystem 108 may apply delays to repeated API requests to prevent anoverload and/or disruption in service. The counter value indicateswhether the API request is a repeated API request as well as the numberof repeated API request that have been received. A repeated API requestis an API request that was transmitted as a result of a previous APIrequest resulting in an error. The repeated API request thereforeoriginated from the same originating device 102 and is directed to thesame resource of the service provider system 104 as the previous APIrequest that resulted in an error.

The counter value determination component 204 determines the countervalue based on previous messages that originated from the sameoriginating device 102 and that were directed to the same resource ofthe service provider system 104. For example, the counter valuedetermination component 204 uses the originating IP address and requestpath to identify a set of previous API messages that originated from thesame IP address and that were directed to the same request path. Thecounter value determination component 204 uses the set of previous APImessages to determine a number of the previous API messages that weresequentially received and resulted in a matching error.

At operation 406, the delay determination component 206 determines thatthe counter value exceeds a threshold value. The delay determinationcomponent 206 determines whether to apply a delay to the API request bycomparing the counter value to a threshold value. If the counter valuemeets or exceeds the threshold value, the delay determination component206 determines that a delay should be applied prior to the API requestbeing processed. Alternatively, if the counter value does not meet orexceed the threshold value (e.g., is less than the threshold value), thedelay determination component 206 determines that the API request can beprocessed without applying a delay.

At operation 408, the delay implementation component 208 initiates adelay. For example, the delay implementation component 208 causes apause based on the delay length associated the delay, after which thedelay implementation component 208 instructs the response component 210to notify the service provider system 104 to process the API request.

At operation 410, the service provider system 104 processes the APIrequest after the delay has completed. For example, the service providersystem 104 forwards the API request to the corresponding resource to beprocessed.

FIG. 5 is a flow diagram of a method 500 for API request throttling whena counter value does not exceed a threshold value, according to someexample embodiments. The method 500 may be embodied in computer readableinstructions for execution by one or more computer processors such thatthe operations of the method 500 may be performed in part or in whole bythe request throttling system 108; accordingly, the method 500 isdescribed below by way of example with reference to the requestthrottling system 108. However, it shall be appreciated that at leastsome of the operations of the method 500 may be deployed on variousother hardware and/or software configurations and the method 500 is notintended to be limited to the request throttling system 108.

At operation 502, the service provider system 104 receives an APIrequest from an originating IP address. The API request includes anoriginating IP address that identifies the requesting device 102 thattransmitted the API request, as well as a request path identifying aresource of the service provider system 104 to which the API request isdirected.

At operation 504, the counter value determination component 204determines a counter value based on previous API requests received fromthe originating IP address. As explained earlier, the request throttlingsystem 108 may apply delays to repeated API requests to prevent anoverload and/or disruption in service. The counter value indicateswhether the API request is a repeated API request as well as the numberof repeated API request that have been received. A repeated API requestis an API request that was transmitted as a result of a previous APIrequest resulting in an error. The repeated API request thereforeoriginated from the same originating device 102 and is directed to thesame resource of the service provider system 104 as the previous APIrequest that resulted in an error.

The counter value determination component 204 determines the countervalue based on previous messages that originated from the sameoriginating device 102 and that were directed to the same resource ofthe service provider system 104. For example, the counter valuedetermination component 204 uses the originating IP address and requestpath to identify a set of previous API messages that originated from thesame IP address and were directed to the same request path. The countervalue determination component 204 uses the set of previous API messagesto determine a number of the previous API messages that weresequentially received and resulted in a matching error.

At operation 506, the delay determination component 206 determines thatthe counter value does not exceed a threshold value. To determinewhether to apply a delay, the delay determination component 206 comparesthe counter value to a threshold value. If the counter value meets orexceeds the threshold value, the delay determination component 206determines that a delay should be applied prior to the API request beingprocessed. Alternatively, if the counter value does not meet or exceedthe threshold value (e.g., is less than the threshold value), the delaydetermination component 206 determines that the API request can beprocessed without applying a delay.

At operation 508, the service provider system 104 processes the APIrequest without initiating a delay. For example, the service providersystem 104 forwards the API request to the corresponding resource to beprocessed

FIG. 6 is a flow diagram of a method 600 for API request throttlingusing delays with varying lengths, according to some exampleembodiments. The method 600 may be embodied in computer readableinstructions for execution by one or more computer processors such thatthe operations of the method 600 may be performed in part or in whole bythe request throttling system 108; accordingly, the method 600 isdescribed below by way of example with reference to the requestthrottling system 108. However, it shall be appreciated that at leastsome of the operations of the method 600 may be deployed on variousother hardware and/or software configurations and the method 600 is notintended to be limited to the request throttling system 108.

At operation 602, the service provider system 104 receives an APIrequest from an originating IP address. The API request includes anoriginating IP address that identifies the requesting device 102 thattransmitted the API request, as well as a request path identifying aresource of the service provider system 104 to which the API request 306is directed.

At operation 604, the counter value determination component 204determines a counter value based on previous API requests received fromthe originating IP address. As explained earlier, the request throttlingsystem 108 may apply delays to repeated API requests to prevent anoverload and/or disruption in service. The counter value indicateswhether the API request is a repeated API request as well as the numberof repeated API request that have been received. A repeated API requestis an API request that was transmitted as a result of a previous APIrequest resulting in an error. The repeated API request thereforeoriginated from the same originating device 102 and is directed to thesame resource of the service provider system 104 as the previous APIrequest that resulted in an error.

The counter value determination component 204 determines the countervalue based on previous messages that originated from the sameoriginating device 102 and that were directed to the same resource ofthe service provider system 104. For example, the counter valuedetermination component 204 uses the originating IP address and requestpath to identify a set of previous API messages that originated from thesame IP address and were directed to the same request path. The countervalue determination component 204 uses the set of previous API messagesto determine a number of the previous API messages that weresequentially received and resulted in a matching error.

At operation 606, the delay determination component 206 determines ahighest threshold value met by the counter value. The delaydetermination component 206 determines whether to apply a delay to theAPI request by comparing the counter value to a threshold value. If thecounter value meets or exceeds the threshold value, the delaydetermination component 206 determines that a delay should be appliedprior to the API request being processed. Alternatively, if the countervalue does not meet or exceed the threshold value (e.g., is less thanthe threshold value), the delay determination component 206 determinesthat the API request can be processed without applying a delay.

In some embodiments, the delay determination component 206 may alsodetermine the length of the delay to apply. For example, the requestthrottling system 108 may increase the length of the delay used assubsequent repeated API requests are received from a requesting device102. Using varying delays provides for longer delays when an API requestis repeatedly failing and resulting in multiple repeated API requests.

In this type of embodiment, the delay determination component 206 uses aset of threshold values rather than a single threshold value. Eachthreshold value in the set of threshold values is associated with adelay length. Each delay length may indicate a time period, such as 10second, 20 seconds, 1 minute, and the like.

The delay determination component 206 compares the counter value to theset of the threshold values to identify the highest threshold value thatis met or exceeded by the counter value. The delay length associatedwith the identified highest threshold value is used when applying adelay in relation to the API request. Alternatively, a delay is notapplied if the counter value does not meet or exceed any of thethreshold values in the set of threshold values

At operation 608, the delay determination component 206 determines adelay length based on the highest threshold value met by the countervalue. For example, the delay determination component 206 determines thedelay length based on the delay length associated with the highestthreshold value met by the counter value.

At operation 610, the delay implementation component 208 initiates adelay of the delay length. For example, the delay implementationcomponent 208 causes a pause based on the delay length associated thedelay. After determining that the delay length has elapsed, the delayimplementation component 208 instructs the response component 210 tonotify the service provider system 104 to process the API request.

At operation 612, the service provider system 104 processes the APIrequest after the delay has completed. For example, the service providersystem 104 forwards the API request to the corresponding resource to beprocessed.

Software Architecture

FIG. 7 is a block diagram illustrating an example software architecture706, which may be used in conjunction with various hardwarearchitectures herein described. FIG. 7 is a non-limiting example of asoftware architecture 706 and it will be appreciated that many otherarchitectures may be implemented to facilitate the functionalitydescribed herein. The software architecture 706 may execute on hardwaresuch as machine 800 of FIG. 8 that includes, among other things,processors 804, memory 814, and (input/output) I/O components 818. Arepresentative hardware layer 752 is illustrated and can represent, forexample, the machine 800 of FIG. 8 . The representative hardware layer752 includes a processing unit 754 having associated executableinstructions 704. Executable instructions 704 represent the executableinstructions of the software architecture 706, including implementationof the methods, components, and so forth described herein. The hardwarelayer 752 also includes memory and/or storage modules 756, which alsohave executable instructions 704. The hardware layer 752 may alsocomprise other hardware 758.

In the example architecture of FIG. 7 , the software architecture 706may be conceptualized as a stack of layers where each layer providesparticular functionality. For example, the software architecture 706 mayinclude layers such as an operating system 702, libraries 720,frameworks/middleware 718, applications 716, and a presentation layer714. Operationally, the applications 716 and/or other components withinthe layers may invoke application programming interface (API) calls 708through the software stack and receive a response such as messages 712in response to the API calls 708. The layers illustrated arerepresentative in nature and not all software architectures have alllayers. For example, some mobile or special purpose operating systemsmay not provide a frameworks/middleware 718, while others may providesuch a layer. Other software architectures may include additional ordifferent layers.

The operating system 702 may manage hardware resources and providecommon services. The operating system 702 may include, for example, akernel 722, services 724, and drivers 726. The kernel 722 may act as anabstraction layer between the hardware and the other software layers.For example, the kernel 722 may be responsible for memory management,processor management (e.g., scheduling), component management,networking, security settings, and so on. The services 724 may provideother common services for the other software layers. The drivers 726 areresponsible for controlling or interfacing with the underlying hardware.For instance, the drivers 726 include display drivers, camera drivers,Bluetooth® drivers, flash memory drivers, serial communication drivers(e.g., Universal Serial Bus (USB) drivers), Wi-Fi® drivers, audiodrivers, power management drivers, and so forth, depending on thehardware configuration.

The libraries 720 provide a common infrastructure that is used by theapplications 716 and/or other components and/or layers. The libraries720 provide functionality that allows other software components toperform tasks in an easier fashion than to interface directly with theunderlying operating system 702 functionality (e.g., kernel 722,services 724, and/or drivers 726). The libraries 720 may include systemlibraries 744 (e.g., C standard library) that may provide functions suchas memory allocation functions, string manipulation functions,mathematical functions, and the like. In addition, the libraries 720 mayinclude API libraries 746 such as media libraries (e.g., libraries tosupport presentation and manipulation of various media format such asMPEG4, H.264, MP3, AAC, AMR, JPG, PNG), graphics libraries (e.g., anOpenGL framework that may be used to render 2D and 3D in a graphiccontent on a display), database libraries (e.g., SQLite that may providevarious relational database functions), web libraries (e.g., WebKit thatmay provide web browsing functionality), and the like. The libraries 720may also include a wide variety of other libraries 748 to provide manyother APIs to the applications 716 and other softwarecomponents/modules.

The frameworks/middleware 718 (also sometimes referred to as middleware)provide a higher-level common infrastructure that may be used by theapplications 716 and/or other software components/modules. For example,the frameworks/middleware 718 may provide various graphical userinterface (GUI) functions, high-level resource management, high-levellocation services, and so forth. The frameworks/middleware 718 mayprovide a broad spectrum of other APIs that may be used by theapplications 716 and/or other software components/modules, some of whichmay be specific to a particular operating system 702 or platform.

The applications 716 include built-in applications 738 and/orthird-party applications 740. Examples of representative built-inapplications 738 may include, but are not limited to, a contactsapplication, a browser application, a book reader application, alocation application, a media application, a messaging application,and/or a game application. Third-party applications 740 may include anapplication developed using the ANDROID™ or IOS™ software developmentkit (SDK) by an entity other than the vendor of the particular platform,and may be mobile software running on a mobile operating system such asIOS™, ANDROID™, WINDOWS® Phone, or other mobile operating systems. Thethird-party applications 740 may invoke the API calls 708 provided bythe mobile operating system (such as operating system 702) to facilitatefunctionality described herein.

The applications 716 may use built in operating system functions (e.g.,kernel 722, services 724, and/or drivers 726), libraries 720, andframeworks/middleware 718 to create UIs to interact with users of thesystem. Alternatively, or additionally, in some systems, interactionswith a user may occur through a presentation layer, such as presentationlayer 714. In these systems, the application/component “logic” can beseparated from the aspects of the application/component that interactwith a user.

FIG. 8 is a block diagram illustrating components of a machine 800,according to some example embodiments, able to read instructions 704from a machine-readable medium (e.g., a machine-readable storage medium)and perform any one or more of the methodologies discussed herein.Specifically, FIG. 8 shows a diagrammatic representation of the machine800 in the example form of a computer system, within which instructions810 (e.g., software, a program, an application, an applet, an app, orother executable code) for causing the machine 800 to perform any one ormore of the methodologies discussed herein may be executed. As such, theinstructions 810 may be used to implement modules or componentsdescribed herein. The instructions 810 transform the general,non-programmed machine 800 into a particular machine 800 programmed tocarry out the described and illustrated functions in the mannerdescribed. In alternative embodiments, the machine 800 operates as astandalone device or may be coupled (e.g., networked) to other machines.In a networked deployment, the machine 800 may operate in the capacityof a server machine or a client machine in a server-client networkenvironment, or as a peer machine in a peer-to-peer (or distributed)network environment. The machine 800 may comprise, but not be limitedto, a server computer, a client computer, a PC, a tablet computer, alaptop computer, a netbook, a set-top box (STB), a personal digitalassistant (PDA), an entertainment media system, a cellular telephone, asmart phone, a mobile device, a wearable device (e.g., a smart watch), asmart home device (e.g., a smart appliance), other smart devices, a webappliance, a network router, a network switch, a network bridge, or anymachine 800 capable of executing the instructions 810, sequentially orotherwise, that specify actions to be taken by machine 800. Further,while only a single machine 800 is illustrated, the term “machine” shallalso be taken to include a collection of machines that individually orjointly execute the instructions 810 to perform any one or more of themethodologies discussed herein.

The machine 800 may include processors 804, memory/storage 806, and I/Ocomponents 818, which may be configured to communicate with each othersuch as via a bus 802. The memory/storage 806 may include a memory 814,such as a main memory, or other memory storage, and a storage unit 816,both accessible to the processors 804 such as via the bus 802. Thestorage unit 816 and memory 814 store the instructions 810 embodying anyone or more of the methodologies or functions described herein. Theinstructions 810 may also reside, completely or partially, within thememory 814, within the storage unit 816, within at least one of theprocessors 804 (e.g., within the processor's cache memory), or anysuitable combination thereof, during execution thereof by the machine800. Accordingly, the memory 814, the storage unit 816, and the memoryof processors 804 are examples of machine-readable media.

The I/O components 818 may include a wide variety of components toreceive input, provide output, produce output, transmit information,exchange information, capture measurements, and so on. The specific I/Ocomponents 818 that are included in a particular machine 800 will dependon the type of machine. For example, portable machines such as mobilephones will likely include a touch input device or other such inputmechanisms, while a headless server machine will likely not include sucha touch input device. It will be appreciated that the I/O components 818may include many other components that are not shown in FIG. 8 . The I/Ocomponents 818 are grouped according to functionality merely forsimplifying the following discussion and the grouping is in no waylimiting. In various example embodiments, the I/O components 818 mayinclude output components 826 and input components 828. The outputcomponents 826 may include visual components (e.g., a display such as aplasma display panel (PDP), a light emitting diode (LED) display, aliquid crystal display (LCD), a projector, or a cathode ray tube (CRT)),acoustic components (e.g., speakers), haptic components (e.g., avibratory motor, resistance mechanisms), other signal generators, and soforth. The input components 828 may include alphanumeric inputcomponents (e.g., a keyboard, a touch screen configured to receivealphanumeric input, a photo-optical keyboard, or other alphanumericinput components), point based input components (e.g., a mouse, atouchpad, a trackball, a joystick, a motion sensor, or other pointinginstrument), tactile input components (e.g., a physical button, a touchscreen that provides location and/or force of touches or touch gestures,or other tactile input components), audio input components (e.g., amicrophone), and the like.

In further example embodiments, the I/O components 818 may includebiometric components 830, motion components 834, environmentalcomponents 836, or position components 838 among a wide array of othercomponents. For example, the biometric components 830 may includecomponents to detect expressions (e.g., hand expressions, facialexpressions, vocal expressions, body gestures, or eye tracking), measurebiosignals (e.g., blood pressure, heart rate, body temperature,perspiration, or brain waves), identify a person (e.g., voiceidentification, retinal identification, facial identification,fingerprint identification, or electroencephalogram basedidentification), and the like. The motion components 834 may includeacceleration sensor components (e.g., accelerometer), gravitation sensorcomponents, rotation sensor components (e.g., gyroscope), and so forth.The environmental components 836 may include, for example, illuminationsensor components (e.g., photometer), temperature sensor components(e.g., one or more thermometer that detect ambient temperature),humidity sensor components, pressure sensor components (e.g.,barometer), acoustic sensor components (e.g., one or more microphonesthat detect background noise), proximity sensor components (e.g.,infrared sensors that detect nearby objects), gas sensors (e.g., gasdetection sensors to detect concentrations of hazardous gases for safetyor to measure pollutants in the atmosphere), or other components thatmay provide indications, measurements, or signals corresponding to asurrounding physical environment. The position components 838 mayinclude location sensor components (e.g., a GPS receiver component),altitude sensor components (e.g., altimeters or barometers that detectair pressure from which altitude may be derived), orientation sensorcomponents (e.g., magnetometers), and the like.

Communication may be implemented using a wide variety of technologies.The I/O components 818 may include communication components 840 operableto couple the machine 800 to a network 832 or devices 820 via coupling824 and coupling 822, respectively. For example, the communicationcomponents 840 may include a network interface component or othersuitable device to interface with the network 832. In further examples,communication components 840 may include wired communication components,wireless communication components, cellular communication components,near field communication (NFC) components, Bluetooth® components (e.g.,Bluetooth® Low Energy), Wi-Fi® components, and other communicationcomponents to provide communication via other modalities. The devices820 may be another machine or any of a wide variety of peripheraldevices (e.g., a peripheral device coupled via a USB).

Moreover, the communication components 840 may detect identifiers orinclude components operable to detect identifiers. For example, thecommunication components 840 may include radio frequency identification(RFID) tag reader components, NFC smart tag detection components,optical reader components (e.g., an optical sensor to detectone-dimensional bar codes such as Universal Product Code (UPC) bar code,multi-dimensional bar codes such as Quick Response (QR) code, Azteccode, Data Matrix, Dataglyph, MaxiCode, PDF417, Ultra Code, UCC RSS-2Dbar code, and other optical codes), or acoustic detection components(e.g., microphones to identify tagged audio signals). In addition, avariety of information may be derived via the communication components840 such as location via Internet Protocol (IP) geo-location, locationvia Wi-Fi® signal triangulation, location via detecting a NFC beaconsignal that may indicate a particular location, and so forth.

Glossary

“CARRIER SIGNAL” in this context refers to any intangible medium that iscapable of storing, encoding, or carrying instructions 810 for executionby the machine 800, and includes digital or analog communicationssignals or other intangible medium to facilitate communication of suchinstructions 810. Instructions 810 may be transmitted or received overthe network 832 using a transmission medium via a network interfacedevice and using any one of a number of well-known transfer protocols.

“CLIENT DEVICE” in this context refers to any machine 800 thatinterfaces to a communications network 832 to obtain resources from oneor more server systems or other client devices. A client device may be,but is not limited to, mobile phones, desktop computers, laptops, PDAs,smart phones, tablets, ultra books, netbooks, laptops, multi-processorsystems, microprocessor-based or programmable consumer electronics, gameconsoles, STBs, or any other communication device that a user may use toaccess a network 832.

“COMMUNICATIONS NETWORK” in this context refers to one or more portionsof a network 832 that may be an ad hoc network, an intranet, anextranet, a virtual private network (VPN), a LAN, a wireless LAN (WLAN),a WAN, a wireless WAN (WWAN), a metropolitan area network (MAN), theInternet, a portion of the Internet, a portion of the Public SwitchedTelephone Network (PSTN), a plain old telephone service (POTS) network,a cellular telephone network, a wireless network, a Wi-Fi® network,another type of network, or a combination of two or more such networks.For example, a network 832 or a portion of a network 832 may include awireless or cellular network and the coupling may be a Code DivisionMultiple Access (CDMA) connection, a Global System for Mobilecommunications (GSM) connection, or other type of cellular or wirelesscoupling. In this example, the coupling may implement any of a varietyof types of data transfer technology, such as Single Carrier RadioTransmission Technology (1xRTT), Evolution-Data Optimized (EVDO)technology, General Packet Radio Service (GPRS) technology, EnhancedData rates for GSM Evolution (EDGE) technology, third GenerationPartnership Project (3GPP) including 3G, fourth generation wireless (4G)networks, Universal Mobile Telecommunications System (UMTS), High SpeedPacket Access (HSPA), Worldwide Interoperability for Microwave Access(WiMAX), Long Term Evolution (LTE) standard, others defined by variousstandard setting organizations, other long range protocols, or otherdata transfer technology.

“MACHINE-READABLE MEDIUM” in this context refers to a component, deviceor other tangible media able to store instructions 810 and datatemporarily or permanently and may include, but is not be limited to,random-access memory (RAM), read-only memory (ROM), buffer memory, flashmemory, optical media, magnetic media, cache memory, other types ofstorage (e.g., erasable programmable read-only memory (EEPROM)), and/orany suitable combination thereof. The term “machine-readable medium”should be taken to include a single medium or multiple media (e.g., acentralized or distributed database, or associated caches and servers)able to store instructions 810. The term “machine-readable medium” shallalso be taken to include any medium, or combination of multiple media,that is capable of storing instructions 810 (e.g., code) for executionby a machine 800, such that the instructions 810, when executed by oneor more computer processors 804 of the machine 800, cause the machine800 to perform any one or more of the methodologies described herein.Accordingly, a “machine-readable medium” refers to a single storageapparatus or device, as well as “cloud-based” storage systems or storagenetworks that include multiple storage apparatus or devices. The term“machine-readable medium” excludes signals per se.

“COMPONENT” in this context refers to a device, physical entity, orlogic having boundaries defined by function or subroutine calls, branchpoints, APIs, or other technologies that provide for the partitioning ormodularization of particular processing or control functions. Componentsmay be combined via their interfaces with other components to carry outa machine process. A component may be a packaged functional hardwareunit designed for use with other components and a part of a program thatusually performs a particular function of related functions. Componentsmay constitute either software components (e.g., code embodied on amachine-readable medium) or hardware components. A “hardware component”is a tangible unit capable of performing certain operations and may beconfigured or arranged in a certain physical manner. In various exampleembodiments, one or more computer systems (e.g., a standalone computersystem, a client computer system, or a server computer system) or one ormore hardware components of a computer system (e.g., a processor or agroup of processors 804) may be configured by software (e.g., anapplication 716 or application portion) as a hardware component thatoperates to perform certain operations as described herein. A hardwarecomponent may also be implemented mechanically, electronically, or anysuitable combination thereof. For example, a hardware component mayinclude dedicated circuitry or logic that is permanently configured toperform certain operations. A hardware component may be aspecial-purpose processor, such as a field-programmable gate array(FPGA) or an application specific integrated circuit (ASIC). A hardwarecomponent may also include programmable logic or circuitry that istemporarily configured by software to perform certain operations. Forexample, a hardware component may include software executed by ageneral-purpose processor 804 or other programmable processor 804. Onceconfigured by such software, hardware components become specificmachines 800 (or specific components of a machine 800) uniquely tailoredto perform the configured functions and are no longer general-purposeprocessors 804. It will be appreciated that the decision to implement ahardware component mechanically, in dedicated and permanently configuredcircuitry, or in temporarily configured circuitry (e.g., configured bysoftware), may be driven by cost and time considerations. Accordingly,the phrase “hardware component”(or “hardware-implemented component”)should be understood to encompass a tangible entity, be that an entitythat is physically constructed, permanently configured (e.g.,hardwired), or temporarily configured (e.g., programmed) to operate in acertain manner or to perform certain operations described herein.Considering embodiments in which hardware components are temporarilyconfigured (e.g., programmed), each of the hardware components need notbe configured or instantiated at any one instance in time. For example,where a hardware component comprises a general-purpose processor 804configured by software to become a special-purpose processor, thegeneral-purpose processor 804 may be configured as respectivelydifferent special-purpose processors (e.g., comprising differenthardware components) at different times. Software accordingly configuresa particular processor or processors 804, for example, to constitute aparticular hardware component at one instance of time and to constitutea different hardware component at a different instance of time. Hardwarecomponents can provide information to, and receive information from,other hardware components. Accordingly, the described hardwarecomponents may be regarded as being communicatively coupled. Wheremultiple hardware components exist contemporaneously, communications maybe achieved through signal transmission (e.g., over appropriate circuitsand buses 802) between or among two or more of the hardware components.In embodiments in which multiple hardware components are configured orinstantiated at different times, communications between such hardwarecomponents may be achieved, for example, through the storage andretrieval of information in memory structures to which the multiplehardware components have access. For example, one hardware component mayperform an operation and store the output of that operation in a memorydevice to which it is communicatively coupled. A further hardwarecomponent may then, at a later time, access the memory device toretrieve and process the stored output. Hardware components may alsoinitiate communications with input or output devices, and can operate ona resource (e.g., a collection of information). The various operationsof example methods described herein may be performed, at leastpartially, by one or more computer processors 804 that are temporarilyconfigured (e.g., by software) or permanently configured to perform therelevant operations. Whether temporarily or permanently configured, suchprocessors 804 may constitute processor-implemented components thatoperate to perform one or more operations or functions described herein.As used herein, “processor-implemented component” refers to a hardwarecomponent implemented using one or more computer processors 804.Similarly, the methods described herein may be at least partiallyprocessor-implemented, with a particular processor or processors 804being an example of hardware. For example, at least some of theoperations of a method may be performed by one or more computerprocessors 804 or processor-implemented components. Moreover, the one ormore computer processors 804 may also operate to support performance ofthe relevant operations in a “cloud computing” environment or as a“software as a service” (SaaS). For example, at least some of theoperations may be performed by a group of computers (as examples ofmachines 800 including processors 804), with these operations beingaccessible via a network 832 (e.g., the Internet) and via one or moreappropriate interfaces (e.g., an API). The performance of certain of theoperations may be distributed among the processors 804, not onlyresiding within a single machine 800, but deployed across a number ofmachines 800. In some example embodiments, the processors 804 orprocessor-implemented components may be located in a single geographiclocation (e.g., within a home environment, an office environment, or aserver farm). In other example embodiments, the processors 804 orprocessor-implemented components may be distributed across a number ofgeographic locations.

“PROCESSOR” in this context refers to any circuit or virtual circuit (aphysical circuit emulated by logic executing on an actual processor 804)that manipulates data values according to control signals (e.g.,“commands,” “op codes,” “machine code,” etc.) and which producescorresponding output signals that are applied to operate a machine 800.A processor 804 may be, for example, a central processing unit (CPU), areduced instruction set computing (RISC) processor, a complexinstruction set computing (CISC) processor, a graphics processing unit(GPU), a digital signal processor (DSP), an ASIC, a radio-frequencyintegrated circuit (RFIC) or any combination thereof. A processor 804may further be a multi-core processor having two or more independentprocessors 804 (sometimes referred to as “cores”) that may executeinstructions 810 contemporaneously.

What is claimed is:
 1. A method comprising: receiving a currentApplication Programming Interface (API) request having originated froman Internet Protocol (IP) address; determining a counter value ofprevious API requests that originated from the IP address and resultedin error; determining, based on the counter value of the previous APIrequests that originated from the IP address and resulted in error, toapply a delay to a processing of the current API request, and a lengthof the delay to apply to the processing of the current API request;causing the delay to be applied to the processing of the current APIrequest using the determined length; and in response to determining thatthe delay has completed, causing the processing of the current APIrequest to resume.
 2. The method of claim 1, wherein each of theprevious APIs is associated with a response comprising a response codeindicating whether a respective previous API request originated from theIP address has resulted in error.
 3. The method of claim 1, wherein theprocessing of the current API request comprises: forwarding the currentAPI request to a resource based on a request path included in the APIrequest; receiving an API response from the resource in response to thecurrent API request; transmitting the API response to the originating IPaddress; and updating the previous API requests that originated from theIP address based on the API response.
 4. The method of claim 1, whereindetermining, based on the counter value of the previous API requeststhat originated from the IP address and resulted in error, to apply thedelay to the processing of the current API request, and the length ofthe delay to apply to the processing of the current API requestcomprises: determining that the counter value of the previous APIrequests that originated from the IP address and resulted in errorsatisfies a threshold criterion.
 5. The method of claim 4, furthercomprising: receiving a second API request having originated from the IPaddress; determining an updated counter value based on previous APIrequests having originated from the IP address; determining, based onthe updated counter value, to apply a second delay using a second lengthin relation to the second API request; and causing the second delay tobe applied to the processing of the second API request using the secondlength.
 6. The method of claim 5, wherein determining, based on theupdated counter value, to apply the second delay using the second lengthin relation to the second API request comprises: determining that theupdated counter value of the second API request that originated from theIP address and resulted in error satisfies a second threshold criterion,wherein the second threshold criterion is higher than the thresholdcriterion, and the length of the delay is different than the secondlength of the second delay.
 7. The method of claim 1, furthercomprising: receiving a second API request having originated from the IPaddress; determining an updated counter value based on previous APIrequests having originated from the IP address; and determining, basedon the updated counter value, to process the second API request withoutinitiating the delay.
 8. The method of claim 1, wherein determining thecounter value comprises: determining a number of the previous APIrequests having originated from the IP address and having produced oneor more responses comprising a response code indicating that theprevious API requests originated from the IP address have resulted in amatching error.
 9. A system comprising: a memory; and one or moreprocessors, coupled to the memory to perform operations comprising:receiving a current Application Programming Interface (API) requesthaving originated from an Internet Protocol (IP) address; determining acounter value of previous API requests that originated from the IPaddress and resulted in error; determining, based on the counter valueof the previous API requests that originated from the IP address andresulted in error, to apply a delay to a processing of the current APIrequest, and a length of the delay to apply to the processing of thecurrent API request; causing the delay to be applied to the processingof the current API request using the determined length; and in responseto determining that the delay has completed, causing the processing ofthe current API request to resume.
 10. The system of claim 9, whereineach of the previous APIs is associated with a response comprising aresponse code indicating whether a respective previous API requestoriginated from the IP address has resulted in error.
 11. The system ofclaim 9, wherein the processing of the current API request comprises:forwarding the current API request to a resource based on a request pathincluded in the API request; receiving an API response from the resourcein response to the current API request; transmitting the API response tothe originating IP address; and updating the previous API requests thatoriginated from the IP address based on the API response.
 12. The systemof claim 9, wherein determining, based on the counter value of theprevious API requests that originated from the IP address and resultedin error, to apply the delay to the processing of the current APIrequest, and the length of the delay to apply to the processing of thecurrent API request comprises: determining that the counter value of theprevious API requests that originated from the IP address and resultedin error satisfies a threshold criterion.
 13. The system of claim 12,the operations further comprising: receiving a second API request havingoriginated from the IP address; determining an updated counter valuebased on previous API requests having originated from the IP address;determining, based on the updated counter value, to apply a second delayusing a second length in relation to the second API request; and causingthe second delay to be applied to the processing of the second APIrequest using the second length.
 14. The system of claim 13, whereindetermining, based on the updated counter value, to apply the seconddelay using the second length in relation to the second API requestcomprises: determining that the updated counter value of the second APIrequest that originated from the IP address and resulted in errorsatisfies a second threshold criterion, wherein the second thresholdcriterion is higher than the threshold criterion, and the length of thedelay is different than the second length of the second delay.
 15. Thesystem of claim 9, the operations further comprising: receiving a secondAPI request having originated from the IP address; determining anupdated counter value based on previous API requests having originatedfrom the IP address; and determining, based on the updated countervalue, to process the second API request without initiating the delay.16. The system of claim 9, wherein determining the counter valuecomprises: determining a number of the previous API requests havingoriginated from the IP address and having produced one or more responsescomprising a response code indicating that the previous API requestsoriginated from the IP address have resulted in a matching error.
 17. Anon-transitory computer-readable medium storing instructions that, whenexecuted by one or more processors, cause the one or more processors toperform operations comprising: receiving a current ApplicationProgramming Interface (API) request having originated from an InternetProtocol (IP) address; determining a counter value of previous APIrequests that originated from the IP address and resulted in error;determining, based on the counter value of the previous API requeststhat originated from the IP address and resulted in error, to apply adelay to a processing of the current API request, and a length of thedelay to apply to the processing of the current API request; causing thedelay to be applied to the processing of the current API request usingthe determined length; and in response to determining that the delay hascompleted, causing the processing of the current API request to resume.18. The non-transitory computer-readable medium of claim 17, wherein theprocessing of the current API request comprises: forwarding the currentAPI request to a resource based on a request path included in the APIrequest; receiving an API response from the resource in response to thecurrent API request; transmitting the API response to the originating IPaddress; and updating the previous API requests that originated from theIP address based on the API response.
 19. The non-transitorycomputer-readable medium of claim 17, the operations further comprising:receiving a second API request having originated from the IP address;determining an updated counter value based on previous API requestshaving originated from the IP address; determining, based on the updatedcounter value, to apply a second delay using a second length in relationto the second API request; and causing the second delay to be applied tothe processing of the second API request using the second length. 20.The non-transitory computer-readable medium of claim 17, the operationsfurther comprising: receiving a second API request having originatedfrom the IP address; determining an updated counter value based onprevious API requests having originated from the IP address; anddetermining, based on the updated counter value, to process the secondAPI request without initiating the delay.